Reviewing the Worst Data Breaches of the First Quarter of 2022

Cybersecurity is not an exact science, but it is something that you can definitely work diligently at. This will often help your organization do more to handle the risks of doing business in the online world. Unfortunately, the amount of attacks that target today’s businesses are starting to overwhelm a lot of the IT security efforts that they take and can lead to data loss or worse. This week, we will take a look at some of the worst data breaches of 2022… so far.

Before we start our list, we should say that data breaches can happen to any organization or person, so having a strong cybersecurity posture is essential. Not only do you need to invest in training your staff on how to protect your business, you need to do the right things in the area of data governance and access control to limit your organization’s risk. Give us a call at SRS Networks at the phone number below if you have any questions on how you can go about improving your organizational cybersecurity strategies. 

January 2022

Crypto.com

The cryptocurrency market is constantly growing and as a result has become a target for hackers worldwide. On January 17, 2022, hackers broke into over 480 users’ cryptocurrency wallets on Crypto.com, making off with a whopping $18 million in Bitcoin as well as $15 million in Ethereum and other currencies. The hackers were able to gain access by bypassing the two-factor authentication the site had set up and gained immediate access to these wallets. 

Tourisme Montreal 

Montreal’s tourism agency admitted that it was the victim of a cyberattack by the Karakurt hacking group. The hacking group is known worldwide for its extortion tactics by exfiltrating data and then demanding organizations pay or have their stolen data leaked or sold. Over 60 people were affected in the six-month-long attack.

Bernalillo County, New Mexico

Bernalillo County was the victim of a ransomware attack that forced the closure of county office buildings over the first week of January. The attack kept county employees from accessing local government databases, grinding operations to a halt. The county implemented new cybersecurity policies and revamped their whole county computing infrastructure at the cost of $2 million. 

Ukraine

Prior to the military conflict between Russia and Ukraine, the latter was victim of a massive cyberattack that sent threatening warnings to Ukrainian government employees that stated “be afraid and wait for the worst”. The attack took down the Ministry of Foreign Affairs and multiple other agency databases. Ukrainian citizens were directed to the nation’s social media channels until the hack was resolved. 

February 2022

GiveSendGo

In February 2022, the Christian fundraising website, GiveSendGo, was hacked in what looks to be a politically-motivated breach. The hackers began to redirect visitors to a page that condemned the Canadian Freedom Convoy protesters, and posted personal information of the 90,000 donors to the Freedom Convoy on the site.

Oiltanking Deutschland GmbH & Co.

Oiltanking Deutschland GmbH & Co., a major supplier of fuel for greater Germany, had to significantly scale back operations after a cyberattack forced them to declare “force majeure” which absolves them of their contractual obligations for a limited time. The whole incident is said to cost the company over $4.5 billion in ransomware demands, downtime, and other costs. 

Wormhole

The blockchain company Wormhole had $324 million in cryptocurrency stolen by hackers in a February incident. The hackers made off with 120,000 wETH (wrapped Ethereum). This caused the company to go offline for maintenance costing them several millions of dollars. In fact, the company went so far as to offer the hacker a “bug bounty” of $10 million to gain more insight into the hack. 

Washington State

The personal information of more than 250,000 Washington residents was exposed in a data breach of the Washington State Department of Licensing database. The agency had to temporarily shut down their POLARIS system due to the hack. The agency holds personal and financial information for any vocation in Washington that needs to be licensed to operate. 

San Francisco 49ers

The San Francisco 49ers National Football League team was hit with ransomware, with hackers stealing a portion of financial data from the team. The hack was carried out by the hacking collective BlackByte and caused the 49ers to restructure their cybersecurity strategy after they paid the ransom.

Ukraine

Leading up to a Russian invasion of Ukraine, a series of cyberattacks knocked out websites of the Ukrainian army, the defense ministry in the nation, and most of their major banks. This event happened just days before Russia invaded portions of the sovereign nation. 

OpenSea

Hundreds of NFTs were stolen from users on peer-to-peer networks of OpenSea, one of the largest companies in their space. The theft was valued at $1.7 million and was successful by tricking several users at the company into signing a malicious payload that authorized the free gift of these NFTs to the hacker. 

March 2020

Viasat

One of the largest satellite communications companies in Europe reported that a cyberattack was causing network outages for millions of broadband subscribers in Eastern Europe. The American-based company admitted that it was a cyberattack taking down these network connections. A complicated distributed denial of service (DDoS) attack was ultimately to blame. 

Samsung

After hacking hardware giant NVIDIA a month prior, the hacking collective Lapsus$ scraped 190 GB of proprietary information from Samsung. Active on social media, the hacking group teased that they had “confidential Samsung source code” as a part of their haul. 

At Least Six US States

An advanced cyber attacking group sponsored by the Chinese government compromised the computing systems of at least six U.S. states. The group, referred to as APT41, stole data as a part of a supposed espionage mission. The APT41 hackers are some of the most wanted criminals by the U.S. government at present. 

Ubisoft

The France-based video game developer Ubisoft was hacked. It had disrupted operations for several days. The company said no personal information was stolen and later the Lapsus$ hacking collective took responsibility for the breach. 

Israel

The Israeli government had their websites taken down for over an hour due to a major cyberattack. The Israeli agency that oversees online policy, the National Cyber Directorate declared a state of emergency. It seems that it was a state-sponsored attack that used a distributed denial of service (DDoS) attack to take down the government sites. 

Jefferson Dental and Orthodontics

A massive data breach at Jefferson Dental and Orthodontics was said to affect over a million users in Texas. Hackers made off with social security numbers, driver’s license numbers, health information, and financial data. 

Microsoft

The hacking collective Lapsus$ leaked the source code of Microsoft’s Bing search engine and Cortana personal assistant. The group was able to compromise a single account to scrape this information. Fortunately, the company was able to shut down the hackers mid-operation. 

ELTA

Greece’s National Postal Service was hit with a devastating ransomware attack late in March. As the largest retail logistics network in the country supporting over 1,400 physical locations, the hack was caught early on and operations were restored after the company suspended the commercial information systems in the post offices for some time. 

Axie Infinity

A cryptocurrency startup that was tied to the popular game Axie Infinity was robbed of over $540 million. Hackers were able to gain access through the game and emptied crypto accounts. As the second-largest cryptocurrency theft in history, we’ve probably not heard the last of the details surrounding this one. 

These data breaches, ransomware, and DDoS attacks are happening more frequently than ever. If you would like to keep your business from having to deal with the circumstances that come with being a victim of an attack like these, give SRS Networks a call today at (831) 758-3636. 

Leave a comment

Your email address will not be published.